SNMPv3 Get and Set Code Examples

Looking for code examples to Set and Get assuming one has the Security Name, Auth and Private session keys.

Do you have seen the org.snmp4j package JavaDoc already?
https://snmp4j.org/doc/org/snmp4j/package-summary.html

What is missing to build a SNMPv3 GET example from that is the USM configuration. This can be taken from here by removing the second USM instance and configuring only one:
https://doc.snmp.app/pages/viewpage.action?pageId=1441800

Nevertheless, I will post a complete example later here…

Thank you, I will be patiently waiting for your complete examples. I’ll review the examples you provided.

@AGENTPP ,

Will you provide the complete examples to this thread?

thank you

Maurice

Hi Maurice,

A fully featured example is included in the SNMP4J code base as org.snmp4j.tools.console.SnmpCommand class.

I know that your looking for something shorter. I will provide a short sample code soon (within 24h), but I have finish some other tasks first.

Best regards,
Frank

Thank you!! Any additional source will help!

Maurice

I have added a GETNEXT SNMPv3 code sample in the SNMP4J FAQ at:
https://doc.snmp.app/pages/viewpage.action?pageId=42369028

It shows, that it is not necessary (and not recommended) to create a SNMP4J instance and/or a USM per send PDU. The opposite is true! Please reuse USM, SNMP4J, and MPv3 and the TransportMapping you use, because their creation costs much more CPU cycles than sending a PDU.

Very expensive (in relation) is creating an UsmUser (i.e. localising the passphrase). This should be done only once per session (not per PDU).

Hope this helps.

1 Like

It appears from the log, it is sourcing from my IPv4 address and not the IPv6 address

Thoughts?

2019-07-08 16:15:55.040 main DEBUG Initialized Salt to fa7a2a9058a52dbc.
2019-07-08 16:15:55.088 DefaultUDPTransportMapping_10.166.40.139/53628 DEBUG UDP receive buffer size for socket 10.166.40.139/0 is set to: 65536
2019-07-08 16:15:55.090 DefaultUDPTransportMapping_10.166.40.139/53628 INFO Listening on socket 10.166.40.139/53628
2019-07-08 16:15:55.126 main DEBUG Adding user docsisManager = UsmUser[secName=docsisManager,authProtocol=1.3.6.1.6.3.10.1.1.5,authPassphrase=40816FF828BF22706590A2A36B821621,privProtocol=1.3.6.1.6.3.10.1.2.4,privPassphrase=1869B0962D95E42595E93A5BF96C6325,localizationEngineID=null]
2019-07-08 16:15:55.152 main DEBUG RFC3414 §3.1.4.b Outgoing message is not encrypted
2019-07-08 16:15:55.178 main DEBUG Adding cache entry: StateReference[msgID=421504317,pduHandle=PduHandle[752150146],securityEngineID=,securityModel=org.snmp4j.security.USM@22f71333,securityName=docsisManager,securityLevel=1,contextEngineID=,contextName=,retryMsgIDs=null]
2019-07-08 16:15:55.200 main DEBUG Running pending async request with handle PduHandle[752150146] and retry count left 1
2019-07-08 16:15:55.220 main DEBUG Sending message to 2001:558:4082:4e:225:f1ff:fe86:12fe/161 from 10.166.40.139/53628 with length 61: 30:3b:02:01:03:30:11:02:04:19:1f:a5:3d:02:03:00:ff:ff:04:01:04:02:01:03:04:10:30:0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a1:0b:02:01:00:02:01:00:02:01:00:30:00
2019-07-08 16:15:55.222 main DEBUG Sending packet to 2001:558:4082:4e:225:f1ff:fe86:12fe/161
java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
org.snmp4j.MessageException: Cannot assign requested address: Datagram send failed
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:543)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
Caused by: java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)
… 6 more

Trying to figure this out:

Not sure why there a default IPv4 mapping? Am I missing something?

I am using a dual stack, but not sure why I am getting this error.

thoughts?

2019-07-08 16:15:55.040 main DEBUG Initialized Salt to fa7a2a9058a52dbc.
2019-07-08 16:15:55.088 DefaultUDPTransportMapping_10.166.40.139/53628 DEBUG UDP receive buffer size for socket 10.166.40.139/0 is set to: 65536
2019-07-08 16:15:55.090 DefaultUDPTransportMapping_10.166.40.139/53628 INFO Listening on socket 10.166.40.139/53628
2019-07-08 16:15:55.126 main DEBUG Adding user docsisManager = UsmUser[secName=xxxxxx,authProtocol=1.3.6.1.6.3.10.1.1.5,authPassphrase=xxxxxxx ,privProtocol=1.3.6.1.6.3.10.1.2.4,privPassphrase=xxxxxx,localizationEngineID=null]
2019-07-08 16:15:55.152 main DEBUG RFC3414 §3.1.4.b Outgoing message is not encrypted
2019-07-08 16:15:55.178 main DEBUG Adding cache entry: StateReference[msgID=421504317,pduHandle=PduHandle[752150146],securityEngineID=,securityModel=org.snmp4j.security.USM@22f71333,securityName=xxxxx,securityLevel=1,contextEngineID=,contextName=,retryMsgIDs=null]
2019-07-08 16:15:55.200 main DEBUG Running pending async request with handle PduHandle[752150146] and retry count left 1
2019-07-08 16:15:55.220 main DEBUG Sending message to 2001:558:4082:4e:225:f1ff:fe86:12fe/161 from 10.166.40.139/53628 with length 61: 30:3b:02:01:03:30:11:02:04:19:1f:a5:3d:02:03:00:ff:ff:04:01:04:02:01:03:04:10:30:0e:04:00:02:01:00:02:01:00:04:00:04:00:04:00:30:11:04:00:04:00:a1:0b:02:01:00:02:01:00:02:01:00:30:00
2019-07-08 16:15:55.222 main DEBUG Sending packet to 2001:558:4082:4e:225:f1ff:fe86:12fe/161
java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
org.snmp4j.MessageException: Cannot assign requested address: Datagram send failed
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:543)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1054)
at org.snmp4j.Snmp.send(Snmp.java:1025)
at org.snmp4j.Snmp.send(Snmp.java:1012)
at org.snmp4j.Snmp.getNext(Snmp.java:696)
at main.UsmGetNext.next(UsmGetNext.java:139)
at main.UsmGetNext.main(UsmGetNext.java:163)
Caused by: java.net.BindException: Cannot assign requested address: Datagram send failed
at java.base/java.net.DualStackPlainDatagramSocketImpl.socketSend(Native Method)
at java.base/java.net.DualStackPlainDatagramSocketImpl.send(DualStackPlainDatagramSocketImpl.java:136)
at java.base/java.net.DatagramSocket.send(DatagramSocket.java:695)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:128)
at org.snmp4j.transport.DefaultUdpTransportMapping.sendMessage(DefaultUdpTransportMapping.java:48)
at org.snmp4j.MessageDispatcherImpl.sendMessage(MessageDispatcherImpl.java:219)
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:523)

Please read this article from Oracle on this subject:
https://docs.oracle.com/javase/7/docs/technotes/guides/net/ipv6_guide/index.html
By default DefaultUdpTransportMapping binds the any local address using 0.0.0.0/0. If the dual stack setup on your system does not work properly, you may bind to a IPv6 local address directly to workaround this exception.

Does SNMP Set works on SNMP4j Version - 1.11.3??

Yes, sure.
But why do you want to use such an old version of SNMP4J?

SNMP4J 1.x is about ten years old and no longer supported! I discourage anyone from using such an old version.

Latest version is 3.3.3.

Can you also provide an example code to send Get/Getbulk request to an agent with v3 protocol? That would be of great help in understanding.

Regards,
Nihal

For a SNMPv3 GETNEXT example see:
https://www.snmp4j.org
Simply change the PDU type in the following line and you get a GET or GETBULK example too:

PDU pdu = targetBuilder.pdu().type(PDU.GETNEXT).oids(oids).contextName(contextName).build();

For GETBULK you might need to modify the maxRepetitions and nonRepeaters values as well.

Hi Frank,

Thanks for your quick response. I did try the above suggestion for sending a get bulk request. But it ended up giving an exception which said “Message processing model 3 returned error: Unsupported security level”.

I did try to add the auth and priv protocols to the SecurityProtocol instance as below, but that too didn’t help. Please let me know if I am missing something here.

                SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthMD5());
		SecurityProtocols.getInstance().addPrivacyProtocol(new PrivDES());
		SecurityProtocols.getInstance().addDefaultProtocols();

Below is the stack-trace:
java.util.concurrent.ExecutionException: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:52)
at manager.UsmGetNext.main(UsmGetNext.java:85)
Caused by: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:625)
at org.snmp4j.util.MultiThreadedMessageDispatcher.sendPdu(MultiThreadedMessageDispatcher.java:164)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1074)
at org.snmp4j.Snmp.send(Snmp.java:1044)
at org.snmp4j.Snmp.send(Snmp.java:1031)
at org.snmp4j.fluent.SnmpCompletableFuture.send(SnmpCompletableFuture.java:100)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:50)
… 1 more
Message processing model 3 returned error: Unsupported security level

Code:

public void nextFluent(String address, String contextName, String securityName, String authPassphrase,
			String privPassphrase, String... oids) throws IOException {
		SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthMD5());
		SecurityProtocols.getInstance().addPrivacyProtocol(new PrivDES());
		SecurityProtocols.getInstance().addDefaultProtocols();
		SnmpBuilder snmpBuilder = new SnmpBuilder();
		Snmp snmp = snmpBuilder.udp().v3().usm().threads(5).build();
		snmp.listen();
		Address targetAddress = GenericAddress.parse(address);
		byte[] targetEngineID = snmp.discoverAuthoritativeEngineID(targetAddress, 1000);
		System.out.println(targetEngineID);
		if (targetEngineID != null) {
			TargetBuilder<?> targetBuilder = snmpBuilder.target(targetAddress);
			Target<?> userTarget = targetBuilder.v3().user(securityName, targetEngineID).auth(TargetBuilder.AuthProtocol.md5)
					.authPassphrase(authPassphrase).priv(TargetBuilder.PrivProtocol.des).privPassphrase(privPassphrase)
					.done().timeout(500).retries(1).build();
			userTarget.setSecurityLevel(SecurityLevel.AUTH_PRIV);;
//			PDU pdu = new ScopedPDU();
//			ScopedPDU customPDU = new ScopedPDU();
//			//customPDU.setContextName(new OctetString(""));
//			pdu=customPDU;
//			pdu.add(new VariableBinding(new OID("1.3.6.1.4.1")));
//			pdu.setType(PDU.GETBULK);
			PDU pdu = targetBuilder.pdu().type(PDU.GETNEXT).oids(oids).contextName("").build();
			SnmpCompletableFuture snmpRequestFuture = SnmpCompletableFuture.send(snmp, userTarget, pdu);
			try {
				List<VariableBinding> vbs = snmpRequestFuture.get().getAll();

				System.out.println("Received: " + snmpRequestFuture.getResponseEvent().getResponse());
				System.out.println("Payload:  " + vbs);
			} catch (ExecutionException | InterruptedException ex) {
				ex.printStackTrace();
				if (ex.getCause() != null) {
					System.err.println(ex.getCause().getMessage());
				} else {
					System.err.println("Request failed: " + ex.getMessage());
				}
			}
		} else {
			System.err.println("Timeout on engine ID discovery for " + targetAddress + ", GETNEXT not sent.");
		}
		snmp.close();
	}

MD5 is not secure anymore and therefore not supported by default.

Okay. I tried to give Sha as auth protocol. But still, the issue persists. It says the security level (which is “AuthPriv”), in my case, is invalid.

TargetBuilder<?> targetBuilder = snmpBuilder.target(targetAddress);
			Target<?> userTarget = targetBuilder.v3().user(securityName, targetEngineID).auth(TargetBuilder.AuthProtocol.sha1)
					.authPassphrase(authPassphrase).priv(TargetBuilder.PrivProtocol.des).privPassphrase(privPassphrase)
					.done().timeout(500).retries(1).build();

Error:
java.util.concurrent.ExecutionException: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:54)
at manager.UsmGetNext.main(UsmGetNext.java:87)
Caused by: org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:625)
at org.snmp4j.util.MultiThreadedMessageDispatcher.sendPdu(MultiThreadedMessageDispatcher.java:164)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1074)
at org.snmp4j.Snmp.send(Snmp.java:1044)
at org.snmp4j.Snmp.send(Snmp.java:1031)
at org.snmp4j.fluent.SnmpCompletableFuture.send(SnmpCompletableFuture.java:100)
at manager.UsmGetNext.nextFluent(UsmGetNext.java:52)
… 1 more
Message processing model 3 returned error: Unsupported security level

SHA1 is deprecated too. You can still use it, but you have to explicitly register it.

Thanks for the support. I was able to enable it using the below line

SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthMD5());